Interpreting ping response? (the POD lives??)
Kevin D. Kinsey, DaleCo, S.P.
kdk at daleco.biz
Tue Apr 13 10:08:20 PDT 2004
> Kevin D. Kinsey, DaleCo, S.P. wrote:
>> can you tell me what might be happening?
>> <kdk at eli> [/home/kdk] [16:25]
>> #sudo ping -s 2048 app
>> PING app.southuni.com (192.168.0.80): 2048 data bytes
>> 36 bytes from app.southuni.com (192.168.0.80): Destination Host
> This may indicate that the computer is behind a firewall, that blocks
> to ping.
Well, yes; I am somewhat aware of that. Can you tell
me what the hieroglyphics mean?
> Vr HL TOS  Len   ID Flg  off TTL Pro  cks         Src          Dst
>  4  5  00 05dc 07bd   0 0000  3f  01 1677 192.168.0.2 192.168.0.80
There is, AFAIK, no firewall here; the situation:
the two hosts are on the same private Class C,
and "app" is an application server running an OS that
is neither a *BSD nor M$ stuff. The crux of the issue
is that "app" responded normally to pings of 56, 128, 256,
512, and 1024 bytes, and then when the 2048 byte packet
was sent, we got this response and the whole shop went
offline, hence the subtitle to this post (the POD lives??)
The shop has problems similar to this rather frequently,
and my next step is probably to put an old-style hub on
the wire right next to "app" with a lil' FBSD box that I
can run ethereal or tcpdump on, but it may not do me
much good until I can learn how to read this stuff a little
I want to blame the OS or the app vendor, or the M$
Windows client that connects to it. Fortunately for us,
the only FreeBSD machine in this scenario is the one doing
the attacking. I'll probably be hunting for clues (and
harping the blues) elsewhere, as it doesn't appear to be
related to FreeBSD at all, but as I frequent this list
I thought I might gain a bit of insight by asking.
Thanks for your response :-)
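
The header dump quoted in the message is the IP header of the packet that triggered the ICMP error, printed field by field. The decoder below is an added example, not part of the original post or of ping itself; it assumes every numeric column is hexadecimal (as the values 05dc and 3f indicate), and the function name `parse_ping_header_dump` is hypothetical.

```python
# Added example: decode the "Vr HL TOS ..." header dump that ping prints
# under an ICMP error. The sample lines are copied from the post.
LABELS = ">Vr HL TOS Len ID Flg off TTL Pro cks Src Dst"
VALUES = ">4 5 00 05dc 07bd 0 0000 3f 01 1677 192.168.0.2 192.168.0.80"

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
REQUIRED = ("Vr", "HL", "TOS", "Len", "ID", "Flg", "off",
            "TTL", "Pro", "cks", "Src", "Dst")


def parse_ping_header_dump(labels: str, values: str) -> dict:
    """Pair each column label with its value and decode the hex fields."""
    # Strip mail quote markers ('>') before splitting into columns.
    names = labels.lstrip("> ").split()
    fields = values.lstrip("> ").split()
    if len(names) != len(fields):
        raise ValueError("label and value columns do not line up")
    raw = dict(zip(names, fields))
    missing = [n for n in REQUIRED if n not in raw]
    if missing:
        raise ValueError("missing columns: " + ", ".join(missing))

    num = {n: int(raw[n], 16) for n in REQUIRED[:10]}  # assumption: all hex
    header_bytes = num["HL"] * 4          # HL counts 32-bit words
    return {
        "version": num["Vr"],
        "header_bytes": header_bytes,
        "tos": num["TOS"],
        "total_length": num["Len"],       # header plus payload, in bytes
        "payload_bytes": num["Len"] - header_bytes,
        "id": num["ID"],
        "dont_fragment": bool(num["Flg"] & 0x2),
        "more_fragments": bool(num["Flg"] & 0x1),
        "fragment_offset_bytes": num["off"] * 8,  # offset is in 8-byte units
        "ttl": num["TTL"],
        "protocol": PROTOCOLS.get(num["Pro"], str(num["Pro"])),
        "checksum": num["cks"],
        "src": raw["Src"],
        "dst": raw["Dst"],
    }


if __name__ == "__main__":
    for key, value in parse_ping_header_dump(LABELS, VALUES).items():
        print(f"{key:22} {value}")
```

For the dump in the post this gives an IPv4 header of 20 bytes, a total length of 1500 bytes, TTL 63 and protocol ICMP, sent from 192.168.0.2 to 192.168.0.80.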